Privacy Policy

Effective Date:

25.08.2025

Triple Oak Capita Ltd (“we”, “us”, “our”) is committed to protecting the confidentiality and security of personal data entrusted to us. This Privacy Policy explains how we collect, use, store, and protect personal information in compliance with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and, where applicable, the EU General Data Protection Regulation (“EU GDPR”).

1. Who We Are

  • Legal entity: Triple Oak Capital Ltd

We act as the “data controller” in respect of personal data processed in connection with our advisory services.

2. Data We Collect

We may collect and process the following broad categories of personal data:

  • Personal and contact details (such as name, business role, email address, telephone number).
  • Professional and business information (such as company details, corporate structures, and affiliations).
  • Information relating to your relationship with us (including correspondence, proposals, preferences you communicate, and records of our interactions).
  • Technical information (such as website usage data, device identifiers, and communication records).

We do not collect more information than is necessary to provide our services, comply with our obligations, or pursue our legitimate business interests.

3. How We Use Personal Data

We use personal data to:

  • Provide our capital advisory services.
  • Maintain client, investor, and counterparty relationships.
  • Manage our internal business operations.
  • Comply with legal and regulatory obligations.
  • Safeguard our legal rights and respond to disputes.
  • Improve our services and ensure the security of our systems.

Processing is always carried out on lawful grounds, including performance of a contract, compliance with legal obligations, legitimate interests, or consent (where expressly required).

4. Sharing of Personal Data

We may share personal data, on a need-to-know basis, with:

  • Professional advisers and consultants.
  • Third-party service providers (e.g., secure cloud systems, CRM providers).
  • Regulators or government authorities where disclosure is required by law.

All third parties are subject to appropriate safeguards and contractual obligations.

5. International Transfers

If personal data is transferred outside the UK or EEA, we ensure adequate safeguards are in place (such as the UK International Data Transfer Agreement or EU Standard Contractual Clauses).

6. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected, or as required for legal, regulatory, or business purposes. Data may be retained beyond the advisory relationship where necessary to establish, exercise, or defend legal rights.

7. Security

We maintain appropriate technical and organisational measures to protect personal data against unauthorised access, misuse, alteration, or loss. Access is limited to authorised personnel only.

8. Data Subject Rights

Individuals may have rights under applicable law, including:

  • Access to their personal data.
  • Rectification of inaccuracies.
  • Erasure (subject to legal and contractual exceptions).
  • Restriction or objection to processing.
  • Data portability.
  • The right not to be subject to automated decision-making.

Requests may be submitted by contacting us (see Section 10). Proof of identity may be required.

9. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

10. Contact

For any queries or to exercise your rights, please contact:

privacy@tripleoakcapital.com

You may also lodge a complaint with the Information Commissioner’s Office (ICO) in the UK or with your local EU supervisory authority.